I've been working on a php login for a couple days and I have all my files and database working correctly. In my database called members i have a table calles members. In it i have 6 rows:
ID, username, user_password, firstname, lastname, email
Now im creating a 'forgot password' script. I got a script and it works good, except the password that it retrieved was encrypted. I wanted it to retrieve the password without it being encrypted. the encryption i have set up is
sha1. Below is my forgotpassword.php script. Would anyone be kind to show how to make it retrieve it without the encryption?
PHP Code:
<?
include('db.php');
// value sent from form
$email_to=$_POST['email'];
// table name
$tbl_name = members;
// retrieve password from table where e-mail = $email_to(whatever@whatever.com)
$sql="SELECT user_password FROM $tbl_name WHERE email = '$email_to'";
$result=mysql_query($sql);
// if found this e-mail address, row must be 1 row
// keep value in variable name "$count"
$count=mysql_num_rows($result);
// compare if $count =1 row
if($count==1){
$rows=mysql_fetch_array($result);
// keep password in $your_password
$your_password=$rows['user_password'];
// ---------------- SEND MAIL FORM ----------------
// send e-mail to ...
$to=$email_to;
// Your subject
$subject="Your password here";
// From
$header="from: your name <your email>";
// Your message
$messages= "Your password for login to our website \r\n";
$messages.="Your password is $your_password \r\n";
$messages.="more message... \r\n";
// send email
$sentmail = mail($to,$subject,$messages,$header);
}
// else if $count not equal 1
else {
echo "Sorry, we did not find your email in our database";
}
// if your email succesfully sent
if($sentmail){
echo "Your Password Has Been Sent To Your Email Address.";
}
else {
echo "Cannot send password to your e-mail address";
}
?>
much thnx appreciated